Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@turnkey/react-native-passkey-stamper
Advanced tools
This package contains a React Native passkey stamper. It uses react-native-passkey
to do the heavy lifting. This stamper is meant to be used with @turnkey/http
react-native-passkey
and @turnkey/react-native-passkey-stamper
(this package) in your React Native project.apple-app-site-association
file from your domain to reference your application. See more details herewebcredentials:your.site.com
)import { createPasskey } from "@turnkey/react-native-passkey-stamper";
// Returns authenticator params that can be used with sub-org creation, user creation, etc.
const authenticatorParams = await createPasskey({
// Won't be visible to users, this is the name of the Turnkey resource
authenticatorName: "End-User Passkey",
rp: {
id: "your.site.com",
name: "Your App",
},
user: {
// This ID isn't visible to users
id: String(Date.now()),
// ...but name and display names are. This is what's shown in the passkey prompt
name: "Some Name",
// displayName should be the same as "name"
displayName: "Some Name",
},
});
import { PasskeyStamper } from "@turnkey/react-native-passkey-stamper";
import { TurnkeyClient } from "@turnkey/http";
const stamper = new PasskeyStamper({
rpId: "your.site.com",
});
// New HTTP client able to sign with passkeys!
const httpClient = new TurnkeyClient(
{ baseUrl: "https://api.turnkey.com" },
stamper
);
// Now, send authenticated requests
httpClient.signTransaction(...)
Head over to this repository for a fully functional React Native app built with Expo.
FAQs
Passkey stamper for React Native
The npm package @turnkey/react-native-passkey-stamper receives a total of 5,074 weekly downloads. As such, @turnkey/react-native-passkey-stamper popularity was classified as popular.
We found that @turnkey/react-native-passkey-stamper demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.